cloud cybersecurity beyond saas
TRANSCRIPT
April 28, 2015
Cloud Cybersecurity Beyond SaaS
Tsahy ShapsaCo-Founder
Russell MillerDirector of Product Marketing
The Enterprise Cloud IT Backbone & Cloud Factory
Business Backbone People Factory (PaaS & IaaS)
Legacy Security SolutionsON
- P
RE
MIS
EC
LO
UD
CyberSecurity Fabric
Messaging & Collaboration
Sales & marketing
HR & Skills
Finance
Sharepoint
Apps
App Server
Database
force.com
CloudLock Confidential - DO NOT DISTRIBUTE 2
Agenda
01
02
03
04
Cyberlab Research: The 1% Who Can Take Down Your Organization
The Anatomy of a Cloud Cyberattack
To Proxy or Not To Proxy
CloudLock Cybersecurity Fabric
3
05
Requirements for a Cloud Security Solution
The 1% Who Can Take Down Your Organization
4
Disproportionate Cloud Risk
5
Cyberlab
Agenda
01
02
03
04
Cyberlab Research: The 1% Who Can Take Down Your Organization
The Anatomy of a Cloud Cyberattack
To Proxy or Not To Proxy
CloudLock Cybersecurity Fabric
6
05
Requirements for a Cloud Security Solution
Anatomy of a pure cloud cyberattack
Deliver ActRecon
1 2 3
Recon - Person / Location / Activity / Relevance
Deliver - Pure Cloud Weapon - Delivery
Deliver - Pure Cloud Weapon - Authorization
Act - Cyberattack - Escalate / Impersonate / Exfiltrate
Agenda
01
02
03
04
Cyberlab Research: The 1% Who Can Take Down Your Organization
The Anatomy of a Cloud Cyberattack
CloudLock Cybersecurity Fabric
12
05
Requirements for a Cloud Security Solution
To Proxy or Not To Proxy
People Centric Approach to Cloud Cybersecurity
13
IDENTITY CLOUD
DEVICE
ACCOUNTS APPS
DATA
ACCOUNTS APPS
DATA
Cloud Cybersecurity - Compromised Accounts
14
#1 Compromised Accounts
#2 Cloud Malware
#3 Data Breaches
#4 Compliance
#5 SecOps & Forensics
15
To detect account compromises, look across platforms!
▪
▪
● Distance from the US to the Central African Republic: 7,362 miles● At a speed of 800 mph, it would take 9.2 hours to travel between
them
ACCOUNTS APPS
DATA
Cloud Cybersecurity - Cloud Malware
16
#1 Compromised Accounts
#2 Cloud Malware
#3 Data Breaches
#4 Compliance
#5 SecOps & Forensics
Cloud Cybersecurity - Cloud Malware
17
Multiple Users Amount & Type of Data & Appsx x3rd Party
OAuth App
ACCOUNTS APPS
DATA
Cloud Cybersecurity - Data Breaches
18
#1 Compromised Accounts
#2 Cloud Malware
#3 Data Breaches
#4 Compliance
#5 SecOps & Forensics
ACCOUNTS APPS
DATA
Cloud Cybersecurity - Compliance
20
#1 Compromised Accounts
#2 Cloud Malware
#3 Data Breaches
#4 Compliance
#5 SecOps & Forensics
ACCOUNTS APPS
DATA
Cloud Cybersecurity - SecOps & Forensics
22
#1 Compromised Accounts
#2 Cloud Malware
#3 Data Breaches
#4 Compliance
#5 SecOps & Forensics
Agenda
01
02
03
04
Cyberlab Research: The 1% Who Can Take Down Your Organization
The Anatomy of a Cloud Cyberattack
CloudLock Cybersecurity Fabric
24
05
Requirements for a Cloud Security Solution
To Proxy or Not To Proxy
Questions You Must Ask Yourself
SaaS
force.com
PaaS and IaaS
force.com
IDaaS
What do users do in my Cloud Apps?
How do I identify compromised Accounts?
What Shadow Apps are my users using?
Are Shadow Apps connected to sanctioned Ones ?
Do I have sensitive Toxic/regulated data in the cloud?
How do I encrypt/ Quarantine sensitive data in the cloud?
SaaS
force.com
PaaS and IaaS
force.com
IDaaS
To Proxy or Not To Proxy...
26
Proxy Hybrid API
“ I fear not the man who has
practiced 10,000 kicks once, but I
fear the man who has practiced
one kick 10,000 times.”
Focus is Success
Agenda
01
02
03
04
Cyberlab Research: The 1% Who Can Take Down Your Organization
The Anatomy of a Cloud Cyberattack
CloudLock Cybersecurity Fabric
28
05
Requirements for a Cloud Security Solution
To Proxy or Not To Proxy
Enterprise
Cloud Cybersecurity Platform
App Developer
Homegrown Apps
ISV Cloud Apps
End - User 29CloudLock Confidential - DO NOT DISTRIBUTE
DLP / Content Classification
EncryptionManagement
AppsFirewall
Configuration Security
IT Security
User Behavior Analytics
. . .
Enterprise
SaaS
force.com
PaaS and IaaS IDaaS
Cybersecurity is much more than just SaaS
Case Study: PCI Compliance on AWS
● ACME Runs a Video Streaming Service on AWS
● Home-grown apps process CC info
● Recent Data Breaches sparked audit board toassess ‘PCI risk profile’
Company Profile
Business Requirements
● PCI Risk Assessment of data stored in S3● Establish on-going PCI compliance
enforcement controls on S3● Create a PCI Compliance reporting Readiness
for internal & external audit● ‘Everything-as-a-Service’ DNA
Solution: PCI-Compliance-as-a-Service
Enterprise
■ POC - one day
■ Subscribe to CloudLock’s ‘Content
Classification’ API service
■ Minor modification to home-grownapp
Solution
CloudLock APIs
File / Object
Query:PCI Data?
10 ‘hits’ of PCI Data
Next Step: Get a Cybersecurity Assessment
bit.ly/cloudlock-assessment
Q&A Tsahy ShapsaCo-Founder
Russell MillerDirector of Product Marketing
CloudLock Cybersecurity Report
CloudLock Cloud Cybersecurity Report: 1% Who Can Take Down Your Organization
Key Findings:
FREE DOWNLOAD
35
AppsTop 25 apps that connect to corporate accounts comprise 62% of all installs - each representing a digital inroad to your organization, yet there is a long tail of hundreds of apps with fewer installs but higher risk profiles
Collaboration75% of inter-organization collaboration is with 25 other organizations, despite an average of 865 collaborative organizations per company
UsersThe Top 1% of Users Create 75% of Cloud Cybersecurity Risk
36
CloudLock: Proven Leader for Cloud Cybersecurity
91,000APPS
DISCOVERED
10 MillionUSERS FILES
MONITORED DAILY
1 Billion
Q1 2015 Cloud Cybersecurity Report: The Extended Perimeter
38
CloudLock’s DNA
Business
Investors
Trust
Value Prop
Approach
Founded in 2011, 135 Employees, global offices
Unified multi-cloud solution for Cloud Data Protection & Governance, Risk & Compliance, App
Discovery & Control, Auditing & Forensics, Threat Protection & User Behavior Analytics
SaaS: Cloud-Native and 100% API-based
No gateways, no proxies, no impact on workflows, users, or platform performance
40
Cloud Security Fabric
Inc. 500 (Aug. 2015)
41
3-year growth: 3,557%
Overall: No. 93
Security: No. 1 in U.S.
Technology: No 1 in Mass